Other CSIRT teams that GovCERT.CZ maintains a close cooperation with include the Masaryk’s University CSIRT (hereinafter „CSIRT-MU“), a top level European establishment. Cooperation with CSIRT-MU is mostly of technical nature. The theoretical support was complemented as in the previous year by internships at the CSIRT-MU; two GovCERT.CZ staff took part in 2014. Equally interesting is the involvement of the GovCERT.CZ members in the Cyber Range project, the aim of which is to research, develop and compose a unique environment designated for threat analysis related to CII, and for R&D of methods of CII protection against cyber-attacks. They were also involved in the Czech Cybercrime Centre of Excellence project that aims at creating a quality training centre for courses and education in the field of prevention and elimination of cyber criminality.
-
Police and Intelligence Services are also relevant partners in handling cyber security incidents. The cooperation mostly takes form of information exchange regarding ongoing or already resolved cyber security incidents and mutual exchange of experience and know-how.
An important 2014 milestone was the decision of the Police President to set up a national unit to fight cybercrime. NSA welcomes the initiative and has promised assistance in setting up the new unit and further cooperation in capacity building of the Police to fight cybercrime.
The mutual relations are further strengthened by regular participation of the Police and Intelligence Services representatives in cyber security exercises.
Ministry of Defence
GovCERT.CZ continues to closely cooperate with the CIRC Centre that constitutes the main component of the cyber security capabilities of the Czech Ministry of Defence (hereinafter “MoD”). Apart from the exchange of experience and information about cyber security incidents, the two institutions participate together in cyber exercises, particularly the Cyber Coalition, where they partner in solving scenarios and together represent the Czech Republic.16
Based on the experience gained through mutual communication and coordination of the two teams, preparatory works on an Executive Agreement on Mutual Support in the Field of Cyber Security between NSA and MoD began in 2014. The agreement will ensure a fast operative collaboration of the technical teams in handling cyber security events and incidents.
Cooperation between NSA and the MoD has also been established at the strategic level. NSA as the national cyber security authority consults with the MoD technical, legislative and conceptual possibilities of cyber defence and discusses the options for building the Army’s cyber capabilities.
Academia
NSA/NCSC has established and continues to maintain relationships with the Czech academia through cooperation agreements. As of the end of 2014, agreements have been signed with the following academic institutions: Masaryk University, Brno University of Technology, University of Defence, Czech Technical University in Prague, Palacký University Olomouc and CEVRO Institute.
Prominent cooperation takes place with Masaryk University in Brno. According to the 2014 agreement, NCSC employees will give lectures in the framework of the Security and strategic studies degree programme of the Faculty of Social Studies. They will also provide consultations on diploma thesis related to cyber security topics.
In 2014, NSA also partnered with Palacký University Olomouc and joined the preparations of a course introducing students to cyber security. To this end, NSA employees have had the opportunity to participate in the creation of the course syllabus in autumn 2014 and they will later join the teaching as well.
Other partners
A key NCSC partner is Microsoft, particularly in the area of botnet analysis, information on IP addresses and malware infected computers. NCSC acquires a unique set of data from the company for further processing. This analysis and evaluation helps to increase the overall level of cyber security in the Czech Republic.
By intermediary of the Czech Banking Association, NCSC cooperates with banks interested in raising the protection of their computer infrastructure. Namely banks often become targets of the cyber-attacks.
GovCERT.CZ also cooperates with the members of so-called Secure VLAN, or FENIX. This project should mitigate the impacts of massive DDoD attacks similar to those experienced by the Czech Republic in March 2013. The project runs under the auspices of the national peering centre NIX.CZ and with the involvement of major telecommunication companies.
Besides the above mentioned partners, NCSC cooperates at the national level with the Association of Regions of the Czech Republic, the Region of Vysočina, the Armed Forces Communications Electronics Association (AFCEA), and the National Centre for Safer Internet.17
CYBER CZECH 2014 National Exercise
In October 2014, NCSC organized the first national cyber security exercise, CYBER CZECH 2014. It was a non-technical, table-top18 exercise, designed to practice, through a group discussion, the ability to cooperate in managing cyber security incidents and to verify the communication channels used in such cooperation. The all-day exercise was attended by representatives of the ministries of transport; finance; defence; industry and trade; interior; foreign affairs; labour and social affairs; justice; environment; education, youth and sports; and representatives of the Office for Personal Data Protection, the Czech Telecommunication Bureau, Czech National Bank, the Office of the Government and the National Registers Authority. In two simulated scenarios all present trainees acted as the security director and IT security managers of a fictitious ministry and their reactions to large-scale DDoS attacks against their website and a spear-phishing campaign aimed at their employees were tested.
The group of sixteen participants was supplemented by a 12 member expert jury, composed of representatives of the CSIRT.CZ and CSIRT-MU security teams, the internet provider Active 24, the Supreme Public Prosecutor’s Office, Police, Intelligence Services, Masaryk University ICT law experts and NSA itself. The jury’s task was to evaluate and comment on the trainees’ responses and proposals.
The exercise generated a positive feedback from the trainees and the expert jury. The event was unique because of the combination of experts and officers responsible for ICT security at their respective workplaces who gathered in one place to discuss. The value of such event proved to be substantial in all respects and NSA will continue to organize the national exercises in the forthcoming years.
Dostları ilə paylaş: |